Update 1.1.1 -> 1.2

This commit is contained in:
Jacques Vidrine 2000-06-24 01:48:11 +00:00
parent f81bb1898d
commit 071860d8ce
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=29834
20 changed files with 104 additions and 104 deletions

View File

@ -6,7 +6,8 @@
#
PORTNAME= krb5
PORTVERSION= 1.1.1
PORTVERSION= 1.2b4
DISTNAME= ${PORTNAME}-1.2
CATEGORIES= security
MASTER_SITES= # manual download
EXTRACT_SUFX= .tar

View File

@ -1 +1 @@
MD5 (krb5-1.1.1.tar) = 33ab7d6e99fc09787f0ecce21df46086
MD5 (krb5-1.2.tar) = 5da59d934f14a7bdbde07446d78d7878

View File

@ -1,15 +1,14 @@
--- clients/ksu/main.c.ORIG Fri Dec 17 14:44:39 1999
+++ clients/ksu/main.c Fri Dec 17 18:52:57 1999
@@ -56,7 +56,7 @@
@@ -60,6 +60,6 @@
ill specified arguments to commands */
void usage (){
- fprintf(stderr, "Usage: %s [target user] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
+ fprintf(stderr, "Usage: %s [target user] [-m] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
}
@@ -75,6 +75,7 @@
@@ -76,6 +76,7 @@
int argc;
char ** argv;
{
@ -25,16 +24,14 @@
krb5_ccache cc_source = NULL;
const char * cc_source_tag = NULL;
@@ -173,7 +175,7 @@
@@ -183,5 +185,5 @@
}
- while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkql:e:")) != -1)){
+ while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkmql:e:")) != -1)){
switch (option) {
case 'r':
options.opt |= KDC_OPT_RENEWABLE;
@@ -219,6 +221,9 @@
@@ -227,6 +229,9 @@
errflg++;
}
break;
@ -44,7 +41,7 @@
case 'n':
if ((retval = krb5_parse_name(ksu_context, optarg, &client))){
com_err(prog_name, retval, "when parsing name %s", optarg);
@@ -326,6 +331,7 @@
@@ -341,6 +341,7 @@
/* allocate space and copy the usernamane there */
source_user = xstrdup(pwd->pw_name);
@ -52,8 +49,9 @@
source_uid = pwd->pw_uid;
source_gid = pwd->pw_gid;
@@ -699,43 +705,60 @@
@@ -669,44 +675,61 @@
/* get the shell of the user, this will be the shell used by su */
target_pwd = getpwnam(target_user);
- if (target_pwd->pw_shell)
@ -81,18 +79,18 @@
- if (!standard_shell(target_pwd->pw_shell) && source_uid) {
- fprintf(stderr, "ksu: permission denied (shell).\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
+ if (asme) {
+ if (!standard_shell(pwd->pw_shell) && source_uid) {
+ fprintf(stderr, "ksu: permission denied (shell).\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+ } else {
+ if (!standard_shell(target_pwd->pw_shell) && source_uid) {
+ fprintf(stderr, "ksu: permission denied (shell).\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
}
@ -102,40 +100,40 @@
-
- if(set_env_var("USER", target_pwd->pw_name)){
- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
- }
- }
-
- if(set_env_var( "HOME", target_pwd->pw_dir)){
- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
- }
-
- if(set_env_var( "SHELL", shell)){
- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
- }
+ if (!asme) {
+ if (target_pwd->pw_uid){
+ if (set_env_var("USER", target_pwd->pw_name)){
+ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+ }
+
+ if (set_env_var( "HOME", target_pwd->pw_dir)){
+ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+
+ if (set_env_var( "SHELL", shell)){
+ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+ }

View File

@ -30,7 +30,7 @@
bad_login:
setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET);
@@ -1634,19 +1625,28 @@
@@ -1640,20 +1631,28 @@
/* set up credential cache -- obeying KRB5_ENV_CCNAME
set earlier */
/* (KRB5_ENV_CCNAME == "KRB5CCNAME" via osconf.h) */
@ -66,7 +66,8 @@
+ }
}
-
- krb5_cc_destroy(kcontext, xtra_creds);
- if (xtra_creds)
- krb5_cc_destroy(kcontext, xtra_creds);
} else if (forwarded_v5_tickets && rewrite_ccache) {
if ((retval = krb5_cc_initialize (kcontext, ccache, me))) {
syslog(LOG_ERR,

View File

@ -60,13 +60,13 @@ lib/libgssrpc.so
lib/libgssrpc.so.3
lib/libk5crypto.a
lib/libk5crypto.so
lib/libk5crypto.so.2
lib/libk5crypto.so.3
lib/libkadm5clnt.a
lib/libkadm5clnt.so
lib/libkadm5clnt.so.3
lib/libkadm5clnt.so.4
lib/libkadm5srv.a
lib/libkadm5srv.so
lib/libkadm5srv.so.3
lib/libkadm5srv.so.4
lib/libkdb5.a
lib/libkdb5.so
lib/libkdb5.so.3
@ -75,7 +75,7 @@ lib/libkrb4.so
lib/libkrb4.so.2
lib/libkrb5.a
lib/libkrb5.so
lib/libkrb5.so.2
lib/libkrb5.so.3
lib/libkrb524.a
lib/libpty.a
lib/libpty.so

View File

@ -6,7 +6,8 @@
#
PORTNAME= krb5
PORTVERSION= 1.1.1
PORTVERSION= 1.2b4
DISTNAME= ${PORTNAME}-1.2
CATEGORIES= security
MASTER_SITES= # manual download
EXTRACT_SUFX= .tar

View File

@ -1 +1 @@
MD5 (krb5-1.1.1.tar) = 33ab7d6e99fc09787f0ecce21df46086
MD5 (krb5-1.2.tar) = 5da59d934f14a7bdbde07446d78d7878

View File

@ -1,15 +1,14 @@
--- clients/ksu/main.c.ORIG Fri Dec 17 14:44:39 1999
+++ clients/ksu/main.c Fri Dec 17 18:52:57 1999
@@ -56,7 +56,7 @@
@@ -60,6 +60,6 @@
ill specified arguments to commands */
void usage (){
- fprintf(stderr, "Usage: %s [target user] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
+ fprintf(stderr, "Usage: %s [target user] [-m] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
}
@@ -75,6 +75,7 @@
@@ -76,6 +76,7 @@
int argc;
char ** argv;
{
@ -25,16 +24,14 @@
krb5_ccache cc_source = NULL;
const char * cc_source_tag = NULL;
@@ -173,7 +175,7 @@
@@ -183,5 +185,5 @@
}
- while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkql:e:")) != -1)){
+ while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkmql:e:")) != -1)){
switch (option) {
case 'r':
options.opt |= KDC_OPT_RENEWABLE;
@@ -219,6 +221,9 @@
@@ -227,6 +229,9 @@
errflg++;
}
break;
@ -44,7 +41,7 @@
case 'n':
if ((retval = krb5_parse_name(ksu_context, optarg, &client))){
com_err(prog_name, retval, "when parsing name %s", optarg);
@@ -326,6 +331,7 @@
@@ -341,6 +341,7 @@
/* allocate space and copy the usernamane there */
source_user = xstrdup(pwd->pw_name);
@ -52,8 +49,9 @@
source_uid = pwd->pw_uid;
source_gid = pwd->pw_gid;
@@ -699,43 +705,60 @@
@@ -669,44 +675,61 @@
/* get the shell of the user, this will be the shell used by su */
target_pwd = getpwnam(target_user);
- if (target_pwd->pw_shell)
@ -81,18 +79,18 @@
- if (!standard_shell(target_pwd->pw_shell) && source_uid) {
- fprintf(stderr, "ksu: permission denied (shell).\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
+ if (asme) {
+ if (!standard_shell(pwd->pw_shell) && source_uid) {
+ fprintf(stderr, "ksu: permission denied (shell).\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+ } else {
+ if (!standard_shell(target_pwd->pw_shell) && source_uid) {
+ fprintf(stderr, "ksu: permission denied (shell).\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
}
@ -102,40 +100,40 @@
-
- if(set_env_var("USER", target_pwd->pw_name)){
- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
- }
- }
-
- if(set_env_var( "HOME", target_pwd->pw_dir)){
- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
- }
-
- if(set_env_var( "SHELL", shell)){
- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
- }
+ if (!asme) {
+ if (target_pwd->pw_uid){
+ if (set_env_var("USER", target_pwd->pw_name)){
+ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+ }
+
+ if (set_env_var( "HOME", target_pwd->pw_dir)){
+ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+
+ if (set_env_var( "SHELL", shell)){
+ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+ }

View File

@ -30,7 +30,7 @@
bad_login:
setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET);
@@ -1634,19 +1625,28 @@
@@ -1640,20 +1631,28 @@
/* set up credential cache -- obeying KRB5_ENV_CCNAME
set earlier */
/* (KRB5_ENV_CCNAME == "KRB5CCNAME" via osconf.h) */
@ -66,7 +66,8 @@
+ }
}
-
- krb5_cc_destroy(kcontext, xtra_creds);
- if (xtra_creds)
- krb5_cc_destroy(kcontext, xtra_creds);
} else if (forwarded_v5_tickets && rewrite_ccache) {
if ((retval = krb5_cc_initialize (kcontext, ccache, me))) {
syslog(LOG_ERR,

View File

@ -60,13 +60,13 @@ lib/libgssrpc.so
lib/libgssrpc.so.3
lib/libk5crypto.a
lib/libk5crypto.so
lib/libk5crypto.so.2
lib/libk5crypto.so.3
lib/libkadm5clnt.a
lib/libkadm5clnt.so
lib/libkadm5clnt.so.3
lib/libkadm5clnt.so.4
lib/libkadm5srv.a
lib/libkadm5srv.so
lib/libkadm5srv.so.3
lib/libkadm5srv.so.4
lib/libkdb5.a
lib/libkdb5.so
lib/libkdb5.so.3
@ -75,7 +75,7 @@ lib/libkrb4.so
lib/libkrb4.so.2
lib/libkrb5.a
lib/libkrb5.so
lib/libkrb5.so.2
lib/libkrb5.so.3
lib/libkrb524.a
lib/libpty.a
lib/libpty.so

View File

@ -6,7 +6,8 @@
#
PORTNAME= krb5
PORTVERSION= 1.1.1
PORTVERSION= 1.2b4
DISTNAME= ${PORTNAME}-1.2
CATEGORIES= security
MASTER_SITES= # manual download
EXTRACT_SUFX= .tar

View File

@ -1 +1 @@
MD5 (krb5-1.1.1.tar) = 33ab7d6e99fc09787f0ecce21df46086
MD5 (krb5-1.2.tar) = 5da59d934f14a7bdbde07446d78d7878

View File

@ -1,15 +1,14 @@
--- clients/ksu/main.c.ORIG Fri Dec 17 14:44:39 1999
+++ clients/ksu/main.c Fri Dec 17 18:52:57 1999
@@ -56,7 +56,7 @@
@@ -60,6 +60,6 @@
ill specified arguments to commands */
void usage (){
- fprintf(stderr, "Usage: %s [target user] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
+ fprintf(stderr, "Usage: %s [target user] [-m] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
}
@@ -75,6 +75,7 @@
@@ -76,6 +76,7 @@
int argc;
char ** argv;
{
@ -25,16 +24,14 @@
krb5_ccache cc_source = NULL;
const char * cc_source_tag = NULL;
@@ -173,7 +175,7 @@
@@ -183,5 +185,5 @@
}
- while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkql:e:")) != -1)){
+ while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkmql:e:")) != -1)){
switch (option) {
case 'r':
options.opt |= KDC_OPT_RENEWABLE;
@@ -219,6 +221,9 @@
@@ -227,6 +229,9 @@
errflg++;
}
break;
@ -44,7 +41,7 @@
case 'n':
if ((retval = krb5_parse_name(ksu_context, optarg, &client))){
com_err(prog_name, retval, "when parsing name %s", optarg);
@@ -326,6 +331,7 @@
@@ -341,6 +341,7 @@
/* allocate space and copy the usernamane there */
source_user = xstrdup(pwd->pw_name);
@ -52,8 +49,9 @@
source_uid = pwd->pw_uid;
source_gid = pwd->pw_gid;
@@ -699,43 +705,60 @@
@@ -669,44 +675,61 @@
/* get the shell of the user, this will be the shell used by su */
target_pwd = getpwnam(target_user);
- if (target_pwd->pw_shell)
@ -81,18 +79,18 @@
- if (!standard_shell(target_pwd->pw_shell) && source_uid) {
- fprintf(stderr, "ksu: permission denied (shell).\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
+ if (asme) {
+ if (!standard_shell(pwd->pw_shell) && source_uid) {
+ fprintf(stderr, "ksu: permission denied (shell).\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+ } else {
+ if (!standard_shell(target_pwd->pw_shell) && source_uid) {
+ fprintf(stderr, "ksu: permission denied (shell).\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
}
@ -102,40 +100,40 @@
-
- if(set_env_var("USER", target_pwd->pw_name)){
- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
- }
- }
-
- if(set_env_var( "HOME", target_pwd->pw_dir)){
- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
- }
-
- if(set_env_var( "SHELL", shell)){
- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
- }
+ if (!asme) {
+ if (target_pwd->pw_uid){
+ if (set_env_var("USER", target_pwd->pw_name)){
+ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+ }
+
+ if (set_env_var( "HOME", target_pwd->pw_dir)){
+ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+
+ if (set_env_var( "SHELL", shell)){
+ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+ }

View File

@ -30,7 +30,7 @@
bad_login:
setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET);
@@ -1634,19 +1625,28 @@
@@ -1640,20 +1631,28 @@
/* set up credential cache -- obeying KRB5_ENV_CCNAME
set earlier */
/* (KRB5_ENV_CCNAME == "KRB5CCNAME" via osconf.h) */
@ -66,7 +66,8 @@
+ }
}
-
- krb5_cc_destroy(kcontext, xtra_creds);
- if (xtra_creds)
- krb5_cc_destroy(kcontext, xtra_creds);
} else if (forwarded_v5_tickets && rewrite_ccache) {
if ((retval = krb5_cc_initialize (kcontext, ccache, me))) {
syslog(LOG_ERR,

View File

@ -60,13 +60,13 @@ lib/libgssrpc.so
lib/libgssrpc.so.3
lib/libk5crypto.a
lib/libk5crypto.so
lib/libk5crypto.so.2
lib/libk5crypto.so.3
lib/libkadm5clnt.a
lib/libkadm5clnt.so
lib/libkadm5clnt.so.3
lib/libkadm5clnt.so.4
lib/libkadm5srv.a
lib/libkadm5srv.so
lib/libkadm5srv.so.3
lib/libkadm5srv.so.4
lib/libkdb5.a
lib/libkdb5.so
lib/libkdb5.so.3
@ -75,7 +75,7 @@ lib/libkrb4.so
lib/libkrb4.so.2
lib/libkrb5.a
lib/libkrb5.so
lib/libkrb5.so.2
lib/libkrb5.so.3
lib/libkrb524.a
lib/libpty.a
lib/libpty.so

View File

@ -6,7 +6,8 @@
#
PORTNAME= krb5
PORTVERSION= 1.1.1
PORTVERSION= 1.2b4
DISTNAME= ${PORTNAME}-1.2
CATEGORIES= security
MASTER_SITES= # manual download
EXTRACT_SUFX= .tar

View File

@ -1 +1 @@
MD5 (krb5-1.1.1.tar) = 33ab7d6e99fc09787f0ecce21df46086
MD5 (krb5-1.2.tar) = 5da59d934f14a7bdbde07446d78d7878

View File

@ -1,15 +1,14 @@
--- clients/ksu/main.c.ORIG Fri Dec 17 14:44:39 1999
+++ clients/ksu/main.c Fri Dec 17 18:52:57 1999
@@ -56,7 +56,7 @@
@@ -60,6 +60,6 @@
ill specified arguments to commands */
void usage (){
- fprintf(stderr, "Usage: %s [target user] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
+ fprintf(stderr, "Usage: %s [target user] [-m] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
}
@@ -75,6 +75,7 @@
@@ -76,6 +76,7 @@
int argc;
char ** argv;
{
@ -25,16 +24,14 @@
krb5_ccache cc_source = NULL;
const char * cc_source_tag = NULL;
@@ -173,7 +175,7 @@
@@ -183,5 +185,5 @@
}
- while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkql:e:")) != -1)){
+ while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkmql:e:")) != -1)){
switch (option) {
case 'r':
options.opt |= KDC_OPT_RENEWABLE;
@@ -219,6 +221,9 @@
@@ -227,6 +229,9 @@
errflg++;
}
break;
@ -44,7 +41,7 @@
case 'n':
if ((retval = krb5_parse_name(ksu_context, optarg, &client))){
com_err(prog_name, retval, "when parsing name %s", optarg);
@@ -326,6 +331,7 @@
@@ -341,6 +341,7 @@
/* allocate space and copy the usernamane there */
source_user = xstrdup(pwd->pw_name);
@ -52,8 +49,9 @@
source_uid = pwd->pw_uid;
source_gid = pwd->pw_gid;
@@ -699,43 +705,60 @@
@@ -669,44 +675,61 @@
/* get the shell of the user, this will be the shell used by su */
target_pwd = getpwnam(target_user);
- if (target_pwd->pw_shell)
@ -81,18 +79,18 @@
- if (!standard_shell(target_pwd->pw_shell) && source_uid) {
- fprintf(stderr, "ksu: permission denied (shell).\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
+ if (asme) {
+ if (!standard_shell(pwd->pw_shell) && source_uid) {
+ fprintf(stderr, "ksu: permission denied (shell).\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+ } else {
+ if (!standard_shell(target_pwd->pw_shell) && source_uid) {
+ fprintf(stderr, "ksu: permission denied (shell).\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
}
@ -102,40 +100,40 @@
-
- if(set_env_var("USER", target_pwd->pw_name)){
- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
- }
- }
-
- if(set_env_var( "HOME", target_pwd->pw_dir)){
- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
- }
-
- if(set_env_var( "SHELL", shell)){
- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
- sweep_up(ksu_context, use_source_cache, cc_target);
- sweep_up(ksu_context, cc_target);
- exit(1);
- }
+ if (!asme) {
+ if (target_pwd->pw_uid){
+ if (set_env_var("USER", target_pwd->pw_name)){
+ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+ }
+
+ if (set_env_var( "HOME", target_pwd->pw_dir)){
+ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+
+ if (set_env_var( "SHELL", shell)){
+ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
+ sweep_up(ksu_context, use_source_cache, cc_target);
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+ }

View File

@ -30,7 +30,7 @@
bad_login:
setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET);
@@ -1634,19 +1625,28 @@
@@ -1640,20 +1631,28 @@
/* set up credential cache -- obeying KRB5_ENV_CCNAME
set earlier */
/* (KRB5_ENV_CCNAME == "KRB5CCNAME" via osconf.h) */
@ -66,7 +66,8 @@
+ }
}
-
- krb5_cc_destroy(kcontext, xtra_creds);
- if (xtra_creds)
- krb5_cc_destroy(kcontext, xtra_creds);
} else if (forwarded_v5_tickets && rewrite_ccache) {
if ((retval = krb5_cc_initialize (kcontext, ccache, me))) {
syslog(LOG_ERR,

View File

@ -60,13 +60,13 @@ lib/libgssrpc.so
lib/libgssrpc.so.3
lib/libk5crypto.a
lib/libk5crypto.so
lib/libk5crypto.so.2
lib/libk5crypto.so.3
lib/libkadm5clnt.a
lib/libkadm5clnt.so
lib/libkadm5clnt.so.3
lib/libkadm5clnt.so.4
lib/libkadm5srv.a
lib/libkadm5srv.so
lib/libkadm5srv.so.3
lib/libkadm5srv.so.4
lib/libkdb5.a
lib/libkdb5.so
lib/libkdb5.so.3
@ -75,7 +75,7 @@ lib/libkrb4.so
lib/libkrb4.so.2
lib/libkrb5.a
lib/libkrb5.so
lib/libkrb5.so.2
lib/libkrb5.so.3
lib/libkrb524.a
lib/libpty.a
lib/libpty.so